How to Configure RDP Profile on NetScaler Gateway

How to Configure RDP Profile on NetScaler Gateway

book

Article ID: CTX200853

calendar_today

Updated On:

Description

This article provides command line example on how to configure RDP profile on Citrix Gateway (NetScaler Gateway)

Complete the following steps to configure RDP profile:

  1. Create bookmarks for Windows Servers to be accessed through RDP:
    add vpn url URL1 RDP_URL "rdp://192.168.200.52" -clientlessAccess ON
    add vpn url URL2 RDP_2 "rdp://192.168.200.51" -clientlessAccess ON

  2. Create RDP listener on port 3389 using VPN virtual server IP:
    add rdp serverprofile RDP_Server -rdpIP 192.168.200.118 -rdpPort 3389
    Note: The RDP listener can be configured on any port. The RDP listener can be configured on port 443 as long as you use a unique IP for it, which is different from the VPN server IP

  3. Create VPN virtual server and bind RDP server profile created in Step 2:
    add vpn vserver RDP-vserver SSL 192.168.200.118 443 -downStateFlush DISABLED -rdpServerProfileName RDP_Server

  4. Create RDP client profile. The –rdpHost is the virtual server URL:
    add rdp clientprofile RDS-Client-prof -rdpUrlOverride DISABLE -redirectClipboard DISABLE -videoPlaybackMode DISABLE -addUserNameInRdpFile YES -rdpFileName app.rdp -rdpHost rdsvpx.citrix.local

  5. Create session action and bind the client profile created in Step 4. Bind it with session policy and then bind session policy to VPN virtual server:
    add vpn sessionAction RDS-profile -splitTunnel OFF -defaultAuthorizationAction ALLOW -clientlessVpnMode ON -rdpClientProfileName RDS-Client-prof
    add vpn sessionPolicy RDS-pol ns_true RDS-profile
    bind vpn vserver RDP-vserver -policy RDS-pol -priority 100

  6. Add RDP bookmarks to VPN virtual server:
    bind vpn vserver RDP-vserver -urlName URL1
    bind vpn vserver RDP-vserver -urlName URL2

Notes:

  • Clientless VPN mode should be set to ON. ICA proxy should be OFF. ICA only should be OFF.

  • Port 3389 should be opened on firewall between end user machine IP and VPN virtual server VIP.

  • NetScaler Gateway Universal License is required for this implementation. For more information refer to CTX126049 - How to License a NetScaler Gateway Appliance.

Issue/Introduction

This article provides command line example on how to configure RDP profile on NetScaler Gateway 10.5 enhanced build.

Additional Information

Note: RDP Proxy with SSO is not tested / Supported on Win2008.On Windows based OS Win2008R2 / Win 7 / 8 /10 this has been Tested.
Powered by Wolken Software